> ----------
> From: Sukanta Ganguly[SMTP:sganguly@novell.com]
> Sent: Wednesday, October 22, 1997 1:14 PM
>
> Hi,
> I have a hard time understanding why would the "who" contain the
> information of "from where". The identity should be maintained
> uniquely by
> "who" irrespective of from where the connection is made.
>
If you say that the access rights are different based on where you
connect from, then, in classical protection models, by definition it is
a different _principal_. The informal word for principal is "who".
Principals are not identical with users. In other systems, the principal
changed when the same user executes programs in different domains, for
example. Principals have often been tuples -- in our case, _if_ we want
to have access rights depend on from where the connection was made, then
maybe principals would be (user, location) pairs.
For background, see, for example, "Protection Strucutures", Popek, IEE
Computer, June 1974, or "Protection, Principles and Practice", Graham &
Denning, SJCC, 1972, or "Protection", Lampson, Preceeding 5th Princeton
Conf Info Sciences and Systems, 1971.
Paul